> >> http_access allow accel_hosts
> >> http_access allow manager localhost
> >> http_access deny manager
> >> http_access allow all
> >>
> > The line above permits anyone who can send a packet to your proxy to use
> > it as a relay for any purpose they like.
> > The restrictions above it are not denying anything except cache_mgr://
> > protocol. So there is no protection inside Squid.
> > The default config is safe if you set localnet to you internal IPs only:
On 11.11.08 19:57, lists_at_grounded.net wrote:
> I actually need to allow public connections since we don't know which
> machines are actually connecting for the testing.
in such case you should restrict destinations only to your servers.
-- Matus UHLAR - fantomas, uhlar@fantomas.sk ; http://www.fantomas.sk/ Warning: I wish NOT to receive e-mail advertising to this address. Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu. Linux is like a teepee: no Windows, no Gates and an apache inside...Received on Wed Nov 12 2008 - 08:57:08 MST
This archive was generated by hypermail 2.2.0 : Wed Nov 12 2008 - 12:00:03 MST